From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
To: mpd@netcom.com (Mike Duvos)
Message Hash: eb28b58f47fd50a374b781e326305a3b0041a4fca28fb5571914578d8d9f093c
Message ID: <9605231751.AA00362@ch1d157nwk>
Reply To: <199605222008.NAA02211@netcom16.netcom.com>
UTC Datetime: 1996-05-24 00:05:02 UTC
Raw Date: Fri, 24 May 1996 08:05:02 +0800
From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Fri, 24 May 1996 08:05:02 +0800
To: mpd@netcom.com (Mike Duvos)
Subject: Re: The Twilight of the Remailers?
In-Reply-To: <199605222008.NAA02211@netcom16.netcom.com>
Message-ID: <9605231751.AA00362@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain
Mike Duvos <mpd@netcom.com> wrote:
> Andrew Loewenstern <lowensa@il.us.swissbank.com> wrote:
> > While this is a nice thought, it is incorrect. You can't
> > "covertly inject packets into the Net, in some untraceable
> > manner."
>
> You can temporarily modify router tables, spoof IPs and idents,
> and leave few traces behind once the data has been transferred,
> particularly if the origin is some obscure foreign location.
Sure, doing this will make your packets untraceable, but for how long?
Changing router tables and spoofing IPs is going to attract unwanted
attention fast. I don't think such active IP attacks are appropriate for a
remailer running unattended.
Perhaps you mean that individual users should do these kinds of things
instead of using remailers? For untraceability, I would put my money on
chained MixMasters over IP spoofing. Besides, with IPv6 you won't be able to
do these things anymore, but remailers will still work.
> The idea here was to have a large number of nodes, each capable
> of injecting data into the Net in a manner which cannot be
> easily traced back to an individual. These nodes would talk
> to each other using a mechanism which obscured both eavesdropping
> and traffic analysis of their communications, a DC-Net being
> one possible way of doing this.
It's a good idea but it doesn't work in the real life. You can't put a
message in a public place (like UseNet) or send one to an unwitting e-mail
recipient (such as a mailing list) in an untraceable manner, repeatedly over
time. The last remailer is going to traceable. A DC-Net is great, but it
isn't going to be useful to very many people if the only people you can send
messages to are the other DC-Net participants. Yes, this has applications,
but it is not a replacement for the remailers we have now and are starting to
loose at an alarming rate.
> > Since it looks like the "everyone's a remailer" dream is
> > not becoming a reality, the key to successful remailers is
> > to make the *operators* untraceable as well. If you can't
> > trace the operator, you can't hold them liable. We have
> > discussed techniques for doing this before: cash paid
> > accounts, using dialups (possibly from a public phone).
> > The remailer must be a 'sacrificial cow' that can be > snatched
> > up by 'authorities' at any time.
> You could get the same effect with an instant anonymous account
> that could be purchased with Ecash. You would buy it on the
> spot, send your mail, and forget about it. For all practical
> purposes, it would serve the same function as a remailer, and
> steps could be taken to obscure the identity of whoever had
> telnetted to it.
But not every piece of mail sent through a remailer is 'hot' enough to get
it shut down. The vast majority of traffic is harmless. Also, taking steps
to obscure the identity of whoever had telnetted to it is hard, way too hard
for the average user who wants to send remail securely. If the remailer op
does it once to setup a remailer, then potentially a very large number of
people can use the remailer until it gets busted. In the mean time the
remailer op collects postage to compensate him for his effort.
Also you later say that "I don't think most people are going to pay to
remail." Well if people aren't going to pay to remail, why would they pay to
open a disposable ecash account to send a piece of untraceable mail? How
much will the cheapest account be? Probably less than what a remailer, which
can handle hundreds of messages a day, running on the exact same account
would charge.
Then you say "Or, to put it another way, the types of traffic people will
pay to remail are those no remailer operator will want to touch with a barge
pole." Well duh. My message you are refuting (and suggesting that the
alternative is IP spoofing) is entirely centered around the idea that the
remailer operator remain untraceable is because the traffic could potentially
be too 'hot' for the remail-op to manage. I guess you mean that the all the
harmless traffic will disappear once you have to pay to play. Well, if the
only remailers around are for-pay ones with untraceable operators because all
the public ones got busted, people will pay. If people didn't want a high
assurance of untraceability, people would just use Penet.
I don't think remail postage is going to have to be expensive. It doesn't
take long to pay for a $15 a month telnet-only account. If you charged only
a dime each, it would only take 150 messages to pay for it. Over a month
thats about 5 messages a day. Sounds reasonable to me. A 3 remailer chain
would cost $0.30, less than snail mail...
> Another possible approach is the "remailing packets" one.
> You could set up a packet remailer which could be used as a
> universal proxy server in some untouchable foreign location.
> If we had a "packet remailer in a box", these things could
> pop up all over the place, live a short time, and be nuked.
> Since the communication would be real-time, concerns over
> reliability and delivery would not exist in the same way they
> do for the current system of remailers.
Which untouchable foreign locations do you refer to? For all the talk of
these glorious havens we don't have any remailers setup in them. The
Netherlands isn't one of them. Neither is Germany or France for sure. You
can't have these "pop up all over the place" if it has to pop up in an
untouchable foreign location that doesn't exist. If you think people get the
heebie jeebies about running a remailer that could possibly be used to carry
threats or illegal pictures, just wait to you see their reaction when you
tell them that people could use their packet remailer to hack other sites.
While remailer traffic has a chance of getting constitutional protection (in
this country obviously), there is no doubt that hacking machines is not
protected.
Buying an anonymous telnet-only account with cash, then using a CyberCafe or
some other public Net terminal to setup the remailer sounds like a much more
viable solution for a potential remail-op than flying to Micronesia. Or
waiting patiently for people in these untouchable foreign locations to setup
remailers.
Also, I think it's time to stop expecting people to rush out and setup these
things if they were easier to setup. People simply don't get enough benefit
for the risk of running a remailer. A web server is harder to setup than
Mixmaster but there are a lot more web sites. If remailer ops are going to
be liable for content, then few people are going to want to do it, regardless
of the difficulties involved of setting up the software.
Also, people want an/pseud-onymity. Look at how many accounts the penet
service has. As people realize that such services offer little assurance of
untraceability, they will turn more and more to cypherpunk remailers. If the
only way a remailer can stay up is if it charges then the market will decide
if it is worth it. I think the market is there.
andrew
Return to May 1996
Return to “tcmay@got.net (Timothy C. May)”